Vulnerabilities > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-05-03 | CVE-2005-1372 | Local Privilege Escalation vulnerability in BakBone NetVault NVStatsMngr.EXE nvstatsmngr.exe process in BakBone NetVault 7.1 does not properly drop privileges before opening files, which allows local users to gain privileges via the Help menu. | 4.6 |
| 2005-05-03 | CVE-2005-0106 | Unspecified vulnerability in Ubuntu Linux 5.04 SSLeay.pm in libnet-ssleay-perl before 1.25 uses the /tmp/entropy file for entropy if a source is not set in the EGD_PATH variable, which allows local users to reduce the cryptographic strength of certain operations by modifying the file. | 4.6 |
| 2005-05-02 | CVE-2005-1359 | Cross-Site Scripting vulnerability in Text.Cgi Cross-site scripting (XSS) vulnerability in text.cgi script allows remote attackers to inject arbitrary web script or HTML via the argument. network text-cgi | 4.3 |
| 2005-05-02 | CVE-2005-1357 | Remote Security vulnerability in Text.Cgi text.cgi script allows remote attackers to read arbitrary files via a full pathname in the argument. | 5.0 |
| 2005-05-02 | CVE-2005-1356 | Cross-Site Scripting vulnerability in Includer.Cgi Cross-site scripting (XSS) vulnerability in includer.cgi script in The Includer allows remote attackers to inject arbitrary web script or HTML via the argument. network includer-cgi | 4.3 |
| 2005-05-02 | CVE-2005-1355 | Remote Security vulnerability in Includer.Cgi 1.1 includer.cgi in The Includer allows remote attackers to read arbitrary files via a full pathname in the argument, a similar vulnerability to CVE-2005-0801. | 5.0 |
| 2005-05-02 | CVE-2005-1353 | Remote Security vulnerability in Forum.Pl The forum.pl script allows remote attackers to read arbitrary files via a full pathname in the argument. | 5.0 |
| 2005-05-02 | CVE-2005-1352 | Cross-Site Scripting vulnerability in ad.cgi Cross-site scripting (XSS) vulnerability in the ad.cgi script allows remote attackers to inject arbitrary web script or HTML via the argument. network leif-m-wright | 4.3 |
| 2005-05-02 | CVE-2005-1350 | Remote Security vulnerability in ad.cgi The ad.cgi script allows remote attackers to read arbitrary files via a full pathname in the argument. | 5.0 |
| 2005-05-02 | CVE-2005-1327 | Cross-Site Scripting vulnerability in WoltLab Burning Board Cross-site scripting (XSS) vulnerability in pms.php for Woltlab Burning Board 2.3.1 PL2 and earlier allows remote attackers to inject arbitrary web script or HTML via the folderid parameter. network woltlab | 4.3 |